<? include("include/session.php");

if(!$session->logged_in)
	{
		
		header("Location: notallowed.php");

	}
	
?>
<? include("functions.php");?>
<!DOCTYPE PHP>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Bestellen - PizzaRio</title>
<link href="CSS/opmaak.css" rel="stylesheet" type="text/css">
<!--[if lte IE 7]>
<style>
.content { margin-right: -1px; } /* this 1px negative margin can be placed on any of the columns in this layout with the same corrective effect. */
ul.nav a { zoom: 1; }  /* the zoom property gives IE the hasLayout trigger it needs to correct extra whiltespace between the links */
</style>
<![endif]-->
</head>

<body>
<div class="container">
  <div class="header"> <img src="Images/Header.png"> 
    
    <!-- end .header--></div>
  <div class="nav"> <? include("nav.html");?>
    <!-- end .nav --></div>
  <div class="content1">
    <h4> Hier kunt u de pizza bestellen. </h4>
	<?
	//...
	//mysql cnx code
	//...
	$link = mysql_connect(localhost, deb46160 , d3e01tGF) or die('Could not connect: ' . mysql_error());      //link met de database
    mysql_select_db(deb46160_PizzaRio) or die('Could not select database');        //selecteer de juiste database
	$sql="SELECT pizzaid, pizzanaam, prijs FROM pizzas";
	$result=mysql_query($sql);

	$options="";

	while ($row=mysql_fetch_array($result)) 
	{
    	$naam=$row["pizzanaam"];
    	$prijs=$row["prijs"];
    	$pizzaid=$row["pizzaid"];
    	$options.="<OPTION VALUE=\"$pizzaid\">".$naam. " ". "€".$prijs.'</option>';
	}
	?>

    <!--  ...
    //html code
    //...-->
    <form method="post"action="update.php">
    <p><SELECT NAME="bestellen">
      <OPTION VALUE=0>Kies uw pizza
      <?=$options?>
    </SELECT>

    <br />
<input type="submit" value="Submit" /></p>
</form>
<br />
<?
global $database;
$q = "SELECT Orderregel.ordernr, pizzas.pizzanaam, pizzas.prijs FROM pizzas, Orderregel
			WHERE pizzas.pizzaid = Orderregel.pizzaid AND Orderregel.ordernr = ".$_SESSION['orderid']."";
$result = $database->query($q);
$num_rows = mysql_numrows($result);
   if(!$result || ($num_rows < 0)){
      echo "Error displaying info";
      return;
   }
   if($num_rows == 0){
      echo "Database table empty";
      return;
   }
   /* Display table contents */
   echo "<table align=\"left\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
   echo "<tr><td><b>ordernr</b></td><td><b>Naam</b></td><td><b>Prijs</td></b></tr>\n";
   for($i=0; $i<$num_rows; $i++){
      $naam= mysql_result($result,$i,"pizzanaam");
	  $ordernr= mysql_result($result,$i,"ordernr");
      $prijs = mysql_result($result,$i,"prijs");

      echo "<tr><td>$ordernr</td><td>$naam</td><td>$prijs</td></tr>\n";
   }
   echo "</table><br>\n";
?>
<p align="right">
<? 
	global $database;
	$q = "SELECT sum(pizzas.prijs) totaalbedrag FROM pizzas, Orderregel
			WHERE Orderregel.ordernr = ".$_SESSION['orderid']." AND pizzas.pizzaid=Orderregel.pizzaid";
	$result = $database->query($q);
	$num_rows = mysql_numrows($result);
   if(!$result || ($num_rows < 0)){
      echo "Error displaying info";
      return;
   }
   if($num_rows == 0){
      echo "Database table empty";
      return;
   }
   /* Display table contents */
   echo "<table align=\"right\" border=\"1\" cellspacing=\"0\" cellpadding=\"3\">\n";
   echo "<tr><td><b>Totaalprijs</b></tr>\n";
   for($i=0; $i<$num_rows; $i++){
	   $totaalbedrag= mysql_result($result,$i,"totaalbedrag");

      echo "<tr><td>$totaalbedrag</td></tr>\n";
   }
   echo "</table><br>\n";
     mysql_query("UPDATE `Order` SET totaalbedrag=".$totaalbedrag." WHERE Order.ordernr=".$_SESSION['orderid']."") or die(mysql_error());
	 $_SESSION['totaalprijs'] = $totaalbedrag;
?>
   </p> 
   <br />
<form method="post"action="step1.php">
    <p>
    <br />
<input type="submit" value="Ga door naar betalen" /></p>
<br />
   
    <!-- end .content1 --></div>
  <? include("footer.html"); ?>
  <!-- end .container --></div>
</body>
</html>